International Association for Cryptologic Research (IACR)
Abstract
Since Bellare and Rogaway presented the first formal security model
for authenticated key exchange (AKE) protocols in 1993, many formal
security models have been proposed. The extended Canetti-Krawczyk
(eCK) model proposed by LaMacchia et al. is currently regarded as
the strongest security model for two-party AKE protocols. In this
paper, we first generalize the eCK model for tripartite AKE
protocols, called teCK model, and enhance the security of the new
model by adding a new reveal query. In the teCK model, the adversary
has stronger powers, and can learn more secret information. Then we
present a new tripartite AKE protocol based on the NAXOS protocol,
called T-NAXOS protocol, and analyze its security in the teCK model
under the random oracle assumption